1  /*
       2   * Redistribution and use in source and binary forms, with or without
       3   * modification, are permitted provided that the following conditions
       4   * are met:
       5   * 1. Redistributions of source code must retain the above copyright
       6   *    notice, and the entire permission notice in its entirety,
       7   *    including the disclaimer of warranties.
       8   * 2. Redistributions in binary form must reproduce the above copyright
       9   *    notice, this list of conditions and the following disclaimer in the
      10   *    documentation and/or other materials provided with the distribution.
      11   * 3. The name of the author may not be used to endorse or promote
      12   *    products derived from this software without specific prior
      13   *    written permission.
      14   *
      15   * ALTERNATIVELY, this product may be distributed under the terms of
      16   * the GNU Public License, in which case the provisions of the GPL are
      17   * required INSTEAD OF the above restrictions.  (This clause is
      18   * necessary due to a potential bad interaction between the GPL and
      19   * the restrictions contained in a BSD-style copyright.)
      20   *
      21   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
      22   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
      23   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
      24   * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
      25   * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
      26   * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
      27   * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      28   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
      29   * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
      30   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
      31   * OF THE POSSIBILITY OF SUCH DAMAGE.
      32   */
      33  
      34  /*
      35   * Check crypt handling
      36   * First use exact password, 8 characters (13 characters crypt)
      37   * Second use longer password, 9 characters
      38   */
      39  
      40  #ifdef HAVE_CONFIG_H
      41  #include <config.h>
      42  #endif
      43  
      44  #include <stdio.h>
      45  #include <stdlib.h>
      46  #include <string.h>
      47  #include <security/pam_appl.h>
      48  
      49  static int in_test;
      50  
      51  /* A conversation function which uses an internally-stored value for
      52     the responses. */
      53  static int
      54  fake_conv (int num_msg, const struct pam_message **msgm UNUSED,
      55  	   struct pam_response **response, void *appdata_ptr UNUSED)
      56  {
      57    struct pam_response *reply;
      58    int count;
      59  
      60    /* Sanity test. */
      61    if (num_msg <= 0)
      62      return PAM_CONV_ERR;
      63  
      64    /* Allocate memory for the responses. */
      65    reply = calloc (num_msg, sizeof (struct pam_response));
      66    if (reply == NULL)
      67      return PAM_CONV_ERR;
      68  
      69    /* Each prompt elicits the same response. */
      70    for (count = 0; count < num_msg; ++count)
      71      {
      72        reply[count].resp_retcode = 0;
      73        /* first call get a password, second one a too long one */
      74        if (in_test == 1)
      75  	reply[count].resp = strdup ("pamunix0");
      76        else if (in_test == 2)
      77  	reply[count].resp = strdup ("pamunix01");
      78        else
      79  	reply[count].resp = strdup ("pamunix1");
      80      }
      81  
      82    /* Set the pointers in the response structure and return. */
      83    *response = reply;
      84    return PAM_SUCCESS;
      85  }
      86  
      87  static struct pam_conv conv = {
      88      fake_conv,
      89      NULL
      90  };
      91  
      92  
      93  /* Check that errors of optional modules are ignored and that
      94     required modules after a sufficient one are not executed.  */
      95  
      96  int
      97  main(int argc, char *argv[])
      98  {
      99    pam_handle_t *pamh=NULL;
     100    const char *user="tstpamunix";
     101    int retval;
     102    int debug = 0;
     103  
     104    if (argc > 1 && strcmp (argv[1], "-d") == 0)
     105      debug = 1;
     106  
     107    retval = pam_start("tst-pam_unix2", user, &conv, &pamh);
     108    if (retval != PAM_SUCCESS)
     109      {
     110        if (debug)
     111  	fprintf (stderr, "unix2: pam_start returned %d\n", retval);
     112        return 1;
     113      }
     114  
     115    /* Try one, first input is correct, second is NULL */
     116    in_test = 1;
     117    retval = pam_authenticate (pamh, 0);
     118    if (retval != PAM_SUCCESS)
     119      {
     120        if (debug)
     121  	fprintf (stderr, "unix2-1: pam_authenticate returned %d\n", retval);
     122        return 1;
     123      }
     124  
     125    /* Try two, second input is too long  */
     126    in_test = 2;
     127    retval = pam_authenticate (pamh, 0);
     128    if (retval != PAM_SUCCESS)
     129      {
     130        if (debug)
     131          fprintf (stderr, "unix2-2: pam_authenticate returned %d\n", retval);
     132        return 1;
     133      }
     134  
     135    /* Third try, third input is wrong  */
     136    in_test = 3;
     137    retval = pam_authenticate (pamh, 0);
     138    if (retval != PAM_AUTH_ERR)
     139      {
     140        if (debug)
     141          fprintf (stderr, "unix2-3: pam_authenticate returned %d\n", retval);
     142        return 1;
     143      }
     144  
     145  
     146    retval = pam_end (pamh,retval);
     147    if (retval != PAM_SUCCESS)
     148      {
     149        if (debug)
     150  	fprintf (stderr, "unix2: pam_end returned %d\n", retval);
     151        return 1;
     152      }
     153    return 0;
     154  }